CVE-2005-1980

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service MSDTC service hang via a crafted Transaction Internet Protocol TIP message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TI...

iDEFENSE Security Advisory 10.11.05: Microsoft Distributed Transaction Controller TIP DoS Vulnerability

Microsoft Distributed Transaction Controller TIP DoS Vulnerability iDEFENSE Security Advisory 10.11.05 www.idefense.com/application/poi/display?id=320&type=vulnerabilities October 11, 2005 I. BACKGROUND The Distributed Transaction Controller provides a method for disparate processes to complete...

CVE-2005-1980

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service MSDTC service hang via a crafted Transaction Internet Protocol TIP message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TI...

CVE-2005-1980

CVE-2005-1980 corresponds to the MSDTC TIP Denial of Service vulnerability described in Microsoft Security Bulletin MS05-051 (CAN-2005-1980). The flaw affects MSDTC TIP processing, enabling a remote attacker to cause the DTC service to stop responding by sending a crafted TIP message. Microsoft l...

CVE-2005-2119

Mode C: CVE-2005-2119 is discussed in connected docs as a MSDTC DoS variant: remote attackers can crash MSDTC by sending a BuildContextW request with a large UuidString or GuidIn, causing out-of-range memory access. It notes this is a variant of CVE-2005-2119 and affects the Microsoft Distributed...

CVE-2005-1979

CVE-2005-1979 affects the Microsoft Distributed Transaction Coordinator (MSDTC) TIP handling. A denial-of-service can occur when a remote attacker sends a crafted TIP message, potentially terminating MSDTC and affecting dependent services. The issue is mitigated by MS05-051 updates across Windows...

CVE-2005-1979

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service MSDTC service exception and exit via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol TIP functionality...

Microsoft Distributed Transaction Coordinator Memory Corruption (MS05-051; CVE-2005-2119)

DTC Distributed Transaction Coordinator is a system service that coordinates transactions. A vulnerability was detected in the DTC service for several Microsoft Windows operating systems that can allow remote attackers to execute arbitrary code via a crafted DTC packet...

Microsoft MSDTC TIP Distributed Denial Of Service Vulnerability

Description The Microsoft MSDTC Microsoft Distribution Transaction Coordinator service is prone to a vulnerability that may permit denial of service attacks against the service or facilitate distributed denial of service attacks against other computers. The vulnerability exists in the TIP...

Microsoft Distributed Transaction Coordinator vulnerable to buffer overflow via specially crafted network message

Overview Microsoft Distributed Transaction Coordinator MSDTC may be vulnerable to a flaw that allows remote unauthenticated attackers to execute arbitrary code. Description The Microsoft Distributed Transaction Coordinator MSDTC is described by Microsoft as "distributed transaction facility for...

CVE-2004-2478

The CVE-2004-2478 entry concerns Jetty HTTP Server in affected products (IBM Trading Partner Interchange < 4.2.4; CA Unicenter Web Services Distributed Management

CVE-2004-2478

Unspecified vulnerability in Jetty HTTP Server, as used in 1 IBM Trading Partner Interchange before 4.2.4, 2 CA Unicenter Web Services Distributed Management WSDM before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. dot dot in the URL...

[SECURITY] [DSA 770-1] New gopher packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 770-1 [email protected] http://www.debian.org/security/ Martin Schulze July 29th, 2005 http://www.debian.org/security/faq -...

SpamAssassin 3, Vipul's Razor: Denial of Service vulnerability

Background SpamAssassin is an extensible email filter which is used to identify junk email. Vipul's Razor is a client for a distributed, collaborative spam detection and filtering network. Description SpamAssassin and Vipul's Razor contain a Denial of Service vulnerability when handling special...

IRC Bot Detection

This host seems to be running an ident server, but before any request is sent, the server gives an answer about a connection to port 6667. It is very likely this system has been compromised by an IRC bot and is now a 'zombie' that can participate in 'distributed denial of service' DDoS attacks...

HP-UX PHSS_26909 : HP-UX, HP Jetdirect, HP Procurve Switches, HP OpenView Network Node Manager (NNM), OpenView Distributed Management (DM), HP TopTools Remote Control Card Running SNMP, Remote Unauthorized Access, Denial of Service (DoS) (HPSBUX00184 SSRT071347 rev.17)

s700800 11.00 OV ECS3.00 Intermediate patch April 2002 : Vulnerabilities in SNMP request and trap handling. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHSS26909. The text itself is copyright C...

HP-UX PHSS_26919 : HP-UX, HP Jetdirect, HP Procurve Switches, HP OpenView Network Node Manager (NNM), OpenView Distributed Management (DM), HP TopTools Remote Control Card Running SNMP, Remote Unauthorized Access, Denial of Service (DoS) (HPSBUX00184 SSRT071347 rev.17)

s700800 11.00 OV NNM6.1 pmd/ovtrapd fixes : Vulnerabilities in SNMP request and trap handling. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHSS26919. The text itself is copyright C Hewlett-Packard Developme...

CVE-2004-2478

Unspecified vulnerability in Jetty HTTP Server, as used in 1 IBM Trading Partner Interchange before 4.2.4, 2 CA Unicenter Web Services Distributed Management WSDM before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. dot dot in the URL...

DEBIAN-CVE-2004-0398

Heap-based buffer overflow in the nerfc1036parse date parsing function for the neon library libneon 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client...

DEBIAN-CVE-2004-0014

Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings...